Your data stays yours.
EvacLog is built on a local-first architecture. Your inventory, photos, and financial connections never leave your device unless you choose otherwise.
How We Protect Your Data
Six core principles that guide every technical decision we make.
Local-First Architecture
Your inventory data lives on your device by default. We never require cloud storage — your photos, receipts, and item details stay under your control unless you explicitly enable cloud backup.
End-to-End Encryption
When you choose to sync or back up, all data is encrypted with AES-256 before it leaves your device. Only you hold the decryption key — not even EvacLog engineers can read your data.
Minimal Data Collection
We collect only what's necessary to run the service: an anonymous account identifier and basic usage analytics. We never sell data, serve ads, or share information with third parties.
Bank-Level Card Security
Card connections are handled through Plaid, a SOC 2 Type II certified provider. We never see, store, or have access to your full card number, CVV, or banking credentials.
On-Device Photo Analysis
AI photo recognition runs entirely on your device using Apple's Core ML framework. Your photos are never uploaded to our servers — all item detection happens locally.
Your Data, Your Choice
Export your full inventory at any time in standard formats. Delete your account and all associated data instantly — no retention periods, no hidden copies, no questions asked.
Encryption & Infrastructure
The technical details behind our security.
Frequently Asked Questions
Common questions about privacy and data handling.
What data does EvacLog collect?
We collect an anonymous account identifier, app usage analytics (screens visited, feature usage), and crash reports. We do not collect your inventory data, photos, or financial information on our servers.
How is my card information protected?
Card connections are established through Plaid, which is SOC 2 Type II certified and used by thousands of financial apps. EvacLog only receives transaction metadata (merchant name, amount, date) — never your card number or credentials.
Are my photos uploaded to the cloud?
No. Photo analysis happens entirely on your device using on-device machine learning. Photos never leave your phone unless you explicitly choose to back them up with cloud sync enabled.
Can EvacLog employees see my inventory?
No. All synced data is end-to-end encrypted with a key only you possess. Our servers store encrypted blobs that are meaningless without your key. Even with a court order, we cannot decrypt your data.
What happens if I delete my account?
All server-side data is permanently deleted within 24 hours. Local data on your device remains until you uninstall the app. We provide a full data export before deletion.
Is EvacLog GDPR / CCPA compliant?
Yes. We comply with GDPR, CCPA, and other applicable privacy regulations. You can request a copy of your data, correct inaccuracies, or delete everything at any time from Settings.
Does EvacLog share data with insurance companies?
Never without your explicit action. You control when and how to share your inventory — for example, by exporting a PDF report and sending it yourself. We have no integrations that share data automatically.
Want the full legal details?
Our complete privacy policy covers data processing, retention schedules, sub-processors, and your rights under GDPR, CCPA, and other regulations.